LIMITED OFFERUnlimited conversions for $1/week — Cancel anytimeStart trial

Privacy Policy

Last Updated: February 7, 2026

Introduction

Zera Books (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service at zerabooks.com (the “Service”). By using our Service, you consent to the data practices described in this policy.

We operate from British Columbia, Canada, and comply with Canadian privacy laws including PIPEDA, as well as international regulations including GDPR and CCPA where applicable.

Information We Collect

Personal Information You Provide

When you create an account or use our Service, we collect:

  • Name and email address
  • Account credentials (passwords are encrypted using industry-standard bcrypt hashing)
  • Payment information (processed and stored securely by Stripe, not by us)
  • Communications you send to us (support emails)

Information Automatically Collected

When you use our Service, we automatically collect:

  • IP address and browser information
  • Device information and operating system
  • Browser fingerprint (for anonymous user rate limiting)
  • Usage data (pages visited, features used, conversion statistics)
  • Cookies and similar tracking technologies (see Cookie Policy section)

Documents You Upload

Important: PDF files you upload for conversion are processed temporarily in memory and are immediately and permanently deleted after processing. We do not store, retain, access, or review your financial documents. The converted output is delivered directly to you and not retained on our servers.

How We Use Your Information

We use the collected information for the following purposes:

  • To provide and maintain our Service
  • To process your PDF conversions
  • To manage your account and subscriptions
  • To process payments through Stripe
  • To send transactional emails (password resets, payment confirmations)
  • To respond to your support requests
  • To monitor and analyze usage patterns to improve our Service
  • To detect and prevent fraud or abuse
  • To comply with legal obligations
  • To send marketing communications (with your consent, which you can withdraw anytime)

Legal Basis for Processing (GDPR)

For users in the European Economic Area, we process your data based on:

  • Contract: Processing necessary to provide our Service
  • Legitimate Interests: Improving our Service, fraud prevention, and security
  • Consent: For marketing communications and optional analytics
  • Legal Obligation: When required by law

Data Sharing and Disclosure

We do not sell, rent, or trade your personal information. We share your information only in these circumstances:

Service Providers

We work with trusted third-party services to operate our Service:

  • Stripe: Payment processing and subscription management
  • Supabase: Database hosting and authentication
  • OpenRouter: AI-powered document processing
  • Google: OAuth authentication and analytics
  • Resend: Transactional email delivery

These providers access only the information necessary to perform their services and are contractually obligated to protect your data.

Legal Requirements

We may disclose your information if required by law, court order, or governmental regulation, or if we believe disclosure is necessary to protect rights, property, or safety.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred. We will notify you of any such change.

Cookie Policy

We use cookies and similar tracking technologies to enhance your experience:

Essential Cookies

Required for authentication, security, and basic functionality. Cannot be disabled.

Analytics Cookies

Help us understand usage patterns and improve our Service (Google Analytics).

Marketing Cookies

May be used for targeted advertising and measuring campaign effectiveness.

Preference Cookies

Remember your settings and preferences for a better experience.

You can control cookies through your browser settings. Note that disabling certain cookies may limit Service functionality.

Data Security

We implement industry-standard security measures to protect your information:

  • SSL/TLS encryption for all data transmission
  • Bcrypt hashing for password storage
  • Row-level security (RLS) in our database
  • Regular security audits and updates
  • Secure API endpoints with authentication
  • PCI-compliant payment processing through Stripe

While we strive to protect your information, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security but commit to promptly notifying you of any data breaches as required by law.

Data Retention

We retain your information only as long as necessary:

  • Account Data: Retained while your account is active or as needed to provide services
  • Uploaded PDFs: Immediately deleted after processing (not retained)
  • Payment Records: 7 years as required by financial regulations
  • Usage Logs: 90 days for security and debugging
  • Marketing Data: Until you unsubscribe or request deletion

Upon account deletion, we remove all personal data except what we're legally required to retain.

Your Privacy Rights

You have the following rights regarding your personal information:

Universal Rights

  • Access your personal data
  • Correct inaccurate data
  • Delete your account and data
  • Export your data in a portable format
  • Opt-out of marketing communications
  • Withdraw consent for data processing

GDPR Rights (EU Users)

  • Right to rectification
  • Right to erasure (“right to be forgotten”)
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Rights related to automated decision-making

CCPA Rights (California Users)

  • Right to know what information is collected
  • Right to delete personal information
  • Right to opt-out of sale (we don't sell data)
  • Right to non-discrimination

To exercise any of these rights, contact us at daminmutti@zerabooks.com. We will respond within 30 days.

International Data Transfers

Your information may be transferred to and processed in countries other than your own, including Canada and the United States. These countries may have different data protection laws than your jurisdiction.

We ensure appropriate safeguards are in place for international transfers, including standard contractual clauses and adequacy decisions where applicable.

Children's Privacy

Our Service is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If we discover we have collected information from a child under 18, we will promptly delete it. If you believe we have information from a child, please contact us immediately.

Third-Party Links

Our Service may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any information.

Changes to This Privacy Policy

We may update this Privacy Policy periodically. We will notify you of material changes by email or through a notice on our Service at least 30 days before the changes take effect. Your continued use of the Service after the effective date constitutes acceptance of the updated policy.

We encourage you to review this Privacy Policy regularly. The “Last Updated” date at the top indicates when it was last revised.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Zera Books

Email: daminmutti@zerabooks.com

British Columbia, Canada

For GDPR inquiries, EU users may also contact their local data protection authority.